<?php
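session_start();
/*
 * Handles the administrator's "create class" form submission.
 *
 * Session variables:
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 * $_SESSION['error'] [string] = message set here before redirecting to admin_alert.php
 *
 * Flow: unauthenticated users go to index.php; non-administrators go to their
 * own index page; administrators have the POSTed class validated, checked for
 * a duplicate (subject, section) pair and inserted into the classes table.
 *
 * NOTE(review): this state-changing request is gated only by the session; no
 * anti-CSRF token is checked in this file. Confirm whether one is enforced elsewhere.
 */

// Not logged in: send the visitor to the login page and stop.
// The loose comparison is kept because the code that sets 'authorised' is not
// visible here and may store 1 rather than true.
if (!isset($_SESSION['authorised']) || $_SESSION['authorised'] != true) {
    header('Location: index.php');
    exit();
}

$userType = isset($_SESSION['type']) ? $_SESSION['type'] : null;

// Logged-in non-administrators are sent back to their own landing page.
$homePages = [
    'student' => 'student_index.php',
    'tutor'   => 'tutor_index.php',
    'parent'  => 'parent_index.php',
];
if (is_string($userType) && isset($homePages[$userType])) {
    header('Location: ' . $homePages[$userType]);
    exit();
}

// Strict comparison: with ==, a non-string session value such as integer 0
// compares equal to 'administrator' on PHP versions before 8.
// A missing or unrecognised type performs no action, as before.
if ($userType !== 'administrator') {
    exit();
}

// Read every expected form field as a plain string. Missing keys and
// array-valued parameters (field[]=x) become '' so they fail validation
// instead of raising notices or reaching the query.
$fieldNames = [
    'subject', 'section', 'room', 'tutor',
    'starthr', 'startmin', 'start',
    'endhr', 'endmin', 'end',
    'startmonth', 'startday', 'startyear',
    'endmonth', 'endday', 'endyear',
    'for_reservation',
];
$in = [];
foreach ($fieldNames as $name) {
    $in[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
}

// No manual escaping: the values are bound as query parameters below.
// The previous addslashes(pg_escape_string(...)) chain turned ' into \'\',
// which ends the string literal early when PostgreSQL treats backslashes
// literally (standard_conforming_strings = on), and stored stray backslashes.
$subject    = strtoupper($in['subject']);
$section    = strtoupper($in['section']);
$startmonth = strtoupper($in['startmonth']);
$endmonth   = strtoupper($in['endmonth']);
$starttime  = $in['starthr'] . ':' . $in['startmin'] . ' ' . $in['start'];
$endtime    = $in['endhr'] . ':' . $in['endmin'] . ' ' . $in['end'];

// Check the individual parts: the assembled "$hr:$min $ampm" strings always
// contain ':' and ' ', so comparing them with '' could never fail. The years
// are checked too because they feed to_date() in the INSERT.
// room, tutor and for_reservation stay optional, as in the original check.
$required = [
    $subject, $section,
    $in['startday'], $startmonth, $in['startyear'],
    $in['endday'], $endmonth, $in['endyear'],
    $in['starthr'], $in['startmin'], $in['start'],
    $in['endhr'], $in['endmin'], $in['end'],
];
if (in_array('', $required, true)) {
    $_SESSION['error'] = "Error in creating class. Put information in all fields.";
    header('Location:admin_alert.php');
    exit();
}

// Opens the database connection; the pg_* calls below use it implicitly,
// as the original pg_query() calls did.
include('connection.inc');

// Duplicate check on (subject, section), with bound parameters.
// NOTE(review): check-then-insert is not atomic; a UNIQUE constraint on
// (subject, section) would be the reliable guard - confirm the schema has one.
$result = pg_query_params(
    'SELECT 1 FROM classes WHERE subject = $1 AND section = $2',
    [$subject, $section]
);
if ($result === false) {
    // Fail closed rather than treating a failed lookup as "no duplicate".
    $_SESSION['error'] = 'Error in creating class. The class could not be checked.';
    header('Location:admin_alert.php');
    exit();
}

if (pg_num_rows($result) >= 1) {
    $_SESSION['error'] = 'Class already exists';
    header('Location:admin_alert.php');
    exit();
}

// Single-quoted so PHP does not interpolate the $n placeholders.
$insertSql = 'INSERT INTO classes (subject, section, teacher_id, startdate, enddate, room_id, starttime, endtime, for_reservation)'
    . ' VALUES ($1, $2, $3, to_date($4, \'DD MON YYYY\'), to_date($5, \'DD MON YYYY\'), $6, $7, $8, $9)';
$result = pg_query_params($insertSql, [
    $subject,
    $section,
    $in['tutor'],
    $in['startday'] . ' ' . $startmonth . ' ' . $in['startyear'],
    $in['endday'] . ' ' . $endmonth . ' ' . $in['endyear'],
    $in['room'],
    $starttime,
    $endtime,
    $in['for_reservation'],
]);
if ($result === false) {
    // Report the failure instead of redirecting as if the class had been created.
    // The database error text is deliberately not shown to the user.
    $_SESSION['error'] = 'Error in creating class. The class could not be saved.';
    header('Location:admin_alert.php');
    exit();
}

header('Location: admin_viewclasses.php');
exit();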
?>
